This chapter describes the basic command-line interface (CLI). The CLI includes a number of utilities for managing an IDM instance.
All of the utilities are subcommands of the
cli.sh (UNIX) or
cli.bat (Windows) scripts. To use the utilities, you can either run them as subcommands, or launch the cli script first, and then run the utility. For example, to run the encrypt utility on a UNIX system:
Using boot properties at /path/to/openidm/resolver/boot.properties openidm# encrypt ....
/path/to/openidm/cli.sh encrypt ...
The command-line utilities run with the security properties defined in your project's
If you run the cli.sh command by itself, it opens an IDM-specific shell prompt:
The startup and shutdown scripts are not discussed in this chapter. For information about these scripts, see Configuration and Monitoring.
The following sections describe the subcommands and their use. Examples assume that you are running the commands on a UNIX system. For Windows systems, use cli.bat instead of cli.sh.
For a list of subcommands available from the
openidm# prompt, run the cli.sh help command. The help and exit options shown below are self-explanatory. The other subcommands are explained in the subsections that follow:
local:secureHash Hash the input string. local:keytool Export or import a SecretKeyEntry. The Java Keytool does not allow for exporting or importing SecretKeyEntries. local:encrypt Encrypt the input string. local:validate Validates all json configuration files in the configuration (default: /conf) folder. basic:help Displays available commands. basic:exit Exit from the console. remote:configureconnector Generate connector configuration. remote:configexport Exports all configurations. remote:update Update the system with the provided update file. remote:configimport Imports the configuration set from local file/directory.
The following options are common to the configexport, configimport, and configureconnector subcommands:
- -u or --user USER[:PASSWORD]
Allows you to specify the server user and password. Specifying a username is mandatory. If you do not specify a username, the following error is output to the OSGi console:
Remote operation failed: Unauthorized. If you do not specify a password, you are prompted for one. This option is used by all three subcommands.
- --url URL
The URL of the REST service. The default URL is
http://localhost:8080/openidm/. This can be used to import configuration files from a remote running IDM instance. This option is used by all three subcommands.
- -P or --port PORT
The port number associated with the REST service. If specified, this option overrides any port number specified with the --url option. The default port is
8080. This option is used by all three subcommands.